As a leading performance marketing platform, Aplicación Goya is dedicated to providing customers with complete transparency and control over user data, supporting them in their GDPR compliance journey.
Table of Contents
What is the GDPR and How It Affects Aplicación Goya Customers?
On May 25, 2018, the European Union implemented the General Data Protection Regulation (GDPR), a data privacy law aimed at standardizing data privacy regulations across Europe. The GDPR’s primary goal is to protect and empower the data privacy of all EU citizens, transforming how organizations handle personal data.
Any company that collects or processes personal data from individuals in the EU is subject to the GDPR, regardless of whether the company has a physical presence in the European Union. This means that most global or online businesses, including Aplicación Goya customers, are affected by GDPR.
GDPR Compliance as a Shared Responsibility: Data Controllers and Data Processors
Data Controller: This term refers to any organization or entity that determines how personal data is processed and why. Aplicación Goya clients act as data controllers.
Data Processor: Refers to any organization that processes personal data on behalf of the data controller. Aplicación Goya serves as a data processor, ensuring the secure handling and processing of data based on client instructions.
Our Commitment to GDPR: How Aplicación Goya Prepares
To ensure GDPR compliance, we have implemented several policies and processes designed to protect the personal data collected by our clients, adhering to the GDPR’s strict requirements.
Data Collection and Retention Policies
With a focus on data minimization, we’ve made the following updates:
- IP addresses and Device IDs: Retained for a rolling period of 12 months.
- Log-level reporting: Data will also have a 12-month rolling retention period.
- Note: Retention windows apply to Conversion Reports and Click Logs. Stats Reports will remain available beyond this window, with Affiliate Sub and Source stats queries available for up to 18 months.
Data Deletion Process
In accordance with articles 17, 30, and 32(4) of the GDPR, we follow strict guidelines on the deletion of personal data, including:
Physical Access Control: Our data centers are protected with high security, including monitored CCTV, alarm systems, and on-site security. Access to servers is strictly controlled, and even Aplicación Goya employees do not have unrestricted access.
Data Access, Usage, and Transmission Controls: We use tools to prevent unauthorized access, modification, or deletion of data. During transmission, data is fully secured to prevent unauthorized changes.
Separation Rule: We ensure that data collected for different purposes is kept separate, ensuring privacy during processing and in both test and production systems.
Pseudonymization
We apply hashing techniques as early as possible to ensure that personal data is stored in a manner that prevents it from being linked to an identifiable individual without additional information.
Availability and Rapid Recoverability
Data backups are regularly conducted to protect against potential data loss. These backups are transferred to remote sites, ensuring the ability to restore data if necessary.
Incident Response Management
In the event of a data breach or loss, we immediately inform the affected parties and take necessary steps to resolve the issue promptly.
Deleting Personal Data of Affiliates, Advertisers, and Employees
Customers have the option to permanently delete personal data related to their affiliates, advertisers, or employees. When deleting end user, affiliate, or employee data, only personal identifiable information (PII) will be removed, ensuring the accuracy of aggregate data is maintained.
Privacy by Design
Aplicación Goya integrates privacy measures into every stage of our software development process, ensuring that personal data is processed strictly according to customer instructions and GDPR guidelines.
- Personal data is only collected with explicit user consent.
- We never sell or re-broker personal data.
- We offer opt-in/opt-out options to ensure user control over data usage.
- Do Not Track preferences are fully respected.
For more information on GDPR compliance with Aplicación Goya, please contact our privacy team at [email protected]
By ensuring GDPR compliance, Aplicación Goya provides a secure, reliable platform for managing your data while respecting the privacy rights of users.